<?php


// Direct-access guard: stop immediately unless PUBLIC_HTML is defined.
// (Presumably the including front controller defines it; that code is not in this file.)
defined('PUBLIC_HTML') or exit;

/***************************
* PAGE DELETE
***************************/
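// Handle a delete request: requires the del_submit POST field, a del_id query
// parameter and an administrator session.
// NOTE(review): no anti-CSRF token is checked here, so any page an administrator
// visits could submit this request on their behalf. Add a per-session token to the
// delete form and verify it before deleting.
if (isset($_POST['del_submit'], $_GET['del_id']) && $user->is_admin)
{
	// del_id is request-controlled and is handed to a helper whose escaping is not
	// visible in this file, so accept only a positive integer. Arrays and non-numeric
	// strings yield false. Assumes user_id is a numeric key: confirm against the schema.
	$del_id = filter_var($_GET['del_id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));

	if ($del_id !== false)
	{
		// Only the row in TABLE_USERS is removed by this call.
		// NOTE(review): the listing below hides 'Administrator', but nothing here stops
		// that account from being deleted by id. Confirm whether it should be protected.
		$db->sql_delete_row(TABLE_USERS, 'user_id', (string) $del_id);
		redirect('cms.php?p=users&delete_succes=1');
		exit;
	}
}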

// Open the administrator-only template block.
if ($user->is_admin)
{
	$tpl_content->newBlock("ADMIN");
}

// Each status flag in the query string opens its matching notice block,
// in the order: edited, deleted, added.
$notice_blocks = array(
	'edit_succes'	=> "USER EDITED",
	'delete_succes'	=> "USER DELETED",
	'add_succes'	=> "USER ADDED",
);

foreach ($notice_blocks as $notice_flag => $notice_block)
{
	if (isset($_GET[$notice_flag]))
	{
		$tpl_content->newBlock($notice_block);
	}
}

/***************************
* GET USERS
***************************/
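// Build the user-list query. An optional search term comes from ?zoeken= (GET) or,
// when that is absent, from the q field (POST). The 'Administrator' account is
// always left out of the listing.
$search_term = null;

if (isset($_GET['zoeken']))
{
	$search_term = $_GET['zoeken'];
}
elseif (isset($_POST['q']))
{
	$search_term = $_POST['q'];
}

$search_filter = '';

if ($search_term !== null)
{
	// The term is request-controlled and ends up inside a quoted SQL literal. The
	// database wrapper's escaping or parameter-binding API is not visible in this file,
	// so the term is reduced to an allow-list (letters, digits, space, _ . @ -).
	// Quotes, backslashes, comment markers and % can then never reach the query.
	// Prefer a prepared statement if the wrapper offers one.
	// A non-string value (e.g. zoeken[]=x) is treated as an empty term.
	$search_term = is_string($search_term)
		? preg_replace('/[^\p{L}\p{N} _.@-]+/u', '', $search_term)
		: '';

	// preg_replace() returns null when the input is not valid UTF-8.
	if ($search_term === null)
	{
		$search_term = '';
	}

	// "_" stays a single-character LIKE wildcard, which only widens the match.
	$search_filter = "username 	LIKE	'%" . $search_term . "%'
				AND			";
}

$get_users ="
				SELECT 		* 
				FROM 		" . TABLE_USERS . " 
				WHERE 		" . $search_filter . "username	!=		'Administrator'
				ORDER BY 	username 
				ASC
				";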

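// Run the listing query and emit one "GET USERS" template block per row.
$sql_users = $db->sql_query($get_users);

while($row_users = $db->sql_fetch_array($sql_users))
{
	$user_level		= ($row_users['user_level'] == 1)	? "Beperkt"		: "Volledig";
	$user_active	= ($row_users['user_active'] == 0)	? "Non-actief"	: "Actief";

	// Stored values are escaped for the context they are written into. USER_DELETE
	// carries raw markup through the same assign() call, so assigned values are
	// presumably inserted into the page unescaped.
	// NOTE(review): assumes the page and database text are UTF-8; confirm.
	$user_id_html	= htmlspecialchars((string) $row_users['user_id'], ENT_QUOTES, 'UTF-8');
	$user_id_url	= rawurlencode((string) $row_users['user_id']);
	$username_html	= htmlspecialchars((string) $row_users['username'], ENT_QUOTES, 'UTF-8');

	// Non-administrators get no delete control.
	$user_delete = '';

	if ($user->is_admin)
	{
		// The username sits inside a JavaScript string inside an HTML attribute:
		// json_encode() produces a safe JS string literal, and htmlspecialchars()
		// then makes that literal safe for the single-quoted attribute.
		$confirm_js = 'return confirm(' . json_encode(
			"Weet u zeker dat u gebruiker ".$row_users['username']." wilt verwijderen?",
			JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
		) . ')';
		$confirm = "onclick='" . htmlspecialchars($confirm_js, ENT_QUOTES, 'UTF-8') . "'";

		// The id is posted as del_id, the parameter name this file's delete handler reads.
		$user_delete    =
		'
		<form id="delete_'.$user_id_html.'" method="post" action="?p=users&amp;del_id='.$user_id_url.'">
		<a '.$confirm.'><input class="delete" type="submit" name="del_submit" value="" /></a>
		</form>
		';
	}

	$edit_url = "cms.php?p=users&act=edit&id=".$user_id_url;

	$tpl_content->newBlock("GET USERS");
	$tpl_content_vars = array(
		'USER_ID'		=> $user_id_html,
		'USERNAME'		=> $username_html,
		'USER_ACTIVE'	=> $user_active,
		'USER_LEVEL'	=> $user_level,
		'USER_DELETE'	=> $user_delete,
	);
	$tpl_content->assign($tpl_content_vars);

	// Edit link: shown to administrators and to users viewing their own row.
	if ($user->is_admin || $row_users['user_id'] == $user->data['user_id'])
	{
		$tpl_content->newBlock("EDIT");
		$tpl_content->assign('ONCLICK_PATH', $edit_url);
	}

	// Delete block: administrators only.
	if ($user->is_admin)
	{
		$tpl_content->newBlock("DELETE");
		$tpl_content->assign('USER_ID', $user_id_html);
	}
}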

?>